Notice of Allowability 


Application NO. 

10/711.491 


Applicant(s) 
ROTHSTEIN. ARTHUR 


Examiner 

Brandon S, Hoffman 


Art Unit 

2136 





-- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1313 and MPEP 1308. 

1 . ^ This communication is responsive to appeal brief filed September 19. 2007 , 

2. M The allowed claim(s) is/are 1 '5.7-24.26-38.40-47.49-55 and 57-60 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason{s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1 ) □ hereto or 2) □ to Paper No./Mail Date 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of . 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings In the front (not the back) of 
each sheet Replacement sheet(s) should be labeled as such In the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 

1 . □ Notice of References Cited (PTO-892)- 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. □ Infomriation Disclosure Statements (PTO/SB/08), 

Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 



NASSER MOAZZAMI 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



5, □ Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 

Paper No./Mall Date . 

7. 13 Examiner's Amendment/Comment 

8. ^ Examiner's Statement of Reasons for Allowance 

9. □ Other 
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PTOL-37 (Rev. 08-06) 
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DETAILED ACTION 

1. Claims 1-5, 7-24, 26-38, 40-47, 49-55, 57-60 are pending in tiiis office action, 
claims 6, 25, 39, and 56 are canceled with the following examiners amendment. 

Allowable Subject Matter 

2. Claims 1-5, 7-24, 26-38, 40-47, 49-55, and 57-60 are allowed. 

3. The following is an examiner's statement of reasons for allowance: the prior art of 
record fails to teach extracting export information of a function by removing the export 
information from an export table. This prevents a hacker from reading and using the 
export information in order to exploit export information to be used in an attack. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

4. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with G. Mack Riddle (U.S. Reg. No. 55,572) on November 27, 2007. 
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Claim 1 (Currently Amended). A method for securing a program comprised of a 
plurality of interoperable components, the method comprising: 

extracting export information about a function of a first component of the program 
that is callable by at least one other component of the program , wherein said extracting 
steo includes removing the export information from an export table of the first 
component ; 

securing the extracted export information; 

in response to an attempt by a second component to invoke the function of the 
first component, validating authenticity of the second component; 

if the authenticity of the second component is validated, providing access to the 
function of the first component using the secured extracted export information; and 

othenA/ise, blocking the attempt by the second component to invoke the function. 

Claim 6 (Canceled). 

Claim 1 5 (Currently Amended). A method for securing a program comprised of a 
plurality of modules, at least one of the modules having export information for allowing 
other modules to invoke its program code, the method comprising: 

generating signatures for at least some of the program's modules; 

as the program is loaded, validating said signatures so as to verify authenticity of 
respective modules of the program; 
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for each module having program code that may be invoked by another module, 
removing that modules export information , wherein said removing step includes 
removing information from an export table : 

securely storing any removed export Information; 

for each module having its export information removed, blocking any attempt 
from another module to invoke its program code if the other module cannot be 
authenticated; and 

if the other module is authenticated, allowing the attempt to proceed using the 
securely stored export information. 

Claim 25 (Canceled). 

Claim 31 (Currently Amended). A system for securing a program comprised of a 
plurality of interoperable components, the system comprising: 

a module for extracting export information about a function of a first component 
of the program that is callable by at least one other component of the program , wherein 
the module for extracting removes an export table entrv for the function of the first 
component : 

a module for securing the extracted export information; 

a validation module for validating authenticity of a second component attempting 
to obtain export information to invoke the function of the first component, validating 
authenticity of the second component; and 
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a security module for blocking the attempt to invoke tlie function of the first 
component if the second component cannot be authenticated. 

Claim 39 (Canceled). 

Claim 45 (Currently Amended). A method for securing an exported function of a 
program, the method comprising: 

extracting export information about the exported function of the orooram . wherein 
said extracting step includes removing an export table entn/ for the exported function : 

securing the extracted export information; 

intercepting an attempt to access the exported function by an importer; 
authenticating the importer for determining whether to permit access to the 
exported function; 

if the importer is authenticated, providing access to the exported function based 
on the secured extracted export information; and 

othenA^ise, blocking access to the exported function. 



Claim 56 (Canceled). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon. S. Hoffman whose telephone number is 571- 

272- 3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser G. Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-directuspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Brandon Hoffman/ 

NASSER MOAZZAMI 

BH SUPERVISORY PATENT EXAT^INER 

TECHNOLOGY CENTER 2100 




